This article gives an idea about how your Android pentesting environment should look like. What tools should I use? Do I really need a physical device? Do I need a rooted device to pentest an application?
Author: Ionut Morosan
Practical Network Penetration Tester (PNPT): Real-life Penetration Testing exam – Tips & Tricks to pass the exam
The PNPT certification exam is a one-of-a-kind ethical hacking certification exam that assesses the ability to perform an external and internal network penetration test at a professional level.
Mobile Pentesting 101 – Bypassing Biometric Authentication
Android and iOS Fingerprint bypassing techniques. The article presents multiple biometric bypass methods, including Frida and objection.
IoT Pentesting 101: How to Hack MQTT – The Standard for IoT Messaging
Pentesting IoT MQTT protocol on emulated environment deployed using mosquitto. Dictionary attacks, DoS, or exploiting dummy ICS Environments are presented.
Runtime Mobile Security (RMS) – How To Instrument Android Java Classes And Methods At Runtime
Runtime Mobile Security (RMS) is a powerful web interface powered by Frida that helps you manipulate Android and iOS Applications at Runtime.
Root detection and SSL pinning bypass
There are multiple methods to circumvent the client-side security that blocks the usage of the tested application in an unsafe environment such as Rooted or Jailbroken devices. Next, I will give you the top-most used methods for iOS and Android.
Security Café 